Sugata Sanyal

Siby Abraham, Sugata Sanyal, Mukund Sanglikar

The paper introduces particle swarm optimization as a viable strategy to find numerical solution of Diophantine equation, for which there exists no general method of finding solutions. The proposed methodology uses a population of integer particles. The candidate solutions in the feasible space are optimized to have better positions through particle best and global best positions. The methodology, which follows fully connected neighborhood topology, can offer many solutions of such equations.

Anjan Kumar Kundu, Bijoy Bandopadhyay, Sugata Sanyal

An inverse iterative algorithm for microwave imaging based on moment method solution is presented here. The iterative scheme has been developed on constrained optimization technique and is certain to converge. Different mesh size for the model has been used here to overcome the Inverse Crime. The synthetic data at the receivers is contaminated with different percentage of noise. The ill-posedness of the problem is solved by Levenberg-Marquardt method. The algorithm is applied to synthetic data and the reconstructed image is then further enhanced through the Image enhancement technique

Amal Saha, Sugata Sanyal

There have been numerous works on network intrusion detection and prevention systems, but work on application layer intrusion detection and prevention is rare and not very mature. Intrusion detection and prevention at both network and application layers are important for cyber-security and enterprise system security. Since application layer intrusion is increasing day by day, it is imperative to give adequate attention to it and use state-of-the-art algorithms for effective detection and prevention. This paper talks about current state of application layer intrusion detection and prevention capabilities in commercial and open-source space and provides a path for evolution to more mature state that will address not only enterprise system security, but also national cyber-defence. Scalability and cost-effectiveness were important factors which shaped the proposed solution.

Tuhin Borgohain, Sugata Sanyal

The paper is a technical analysis of the security infrastructure in the field of RFID technology. The paper briefly discusses the architecture of the RFID technology. Then it analyses the various features and advantages RFID technology has over the existing technologies like bar codes. This is followed by a discussion of the various disadvantages and security drawbacks of RFID technology that prevents its widespread adoption in the mainstream market. The paper concludes with a brief analysis of some of the security measures that are implemented within the RFID technology for securing up the whole infrastructure. The main aim of the paper is to focus on the drawbacks of the pre-existing security measures in RFID technology as well as to discuss the direction in which further research has to be carried out without the compromise on its unique features.

Uday Kumar, Tuhin Borgohain, Sugata Sanyal

The paper aims to do a survey along with a comparative analysis of the various cryptography libraries that are applicable in the field of Internet of Things (IoT). The first half of the paper briefly introduces the various cryptography libraries available in the field of cryptography along with a list of all the algorithms contained within the libraries. The second half of the paper deals with cryptography libraries specifically aimed for application in the field of Internet of Things. The various libraries and their performance analysis listed down in this paper are consolidated from various sources with the aim of providing a single comprehensive repository for reference to the various cryptography libraries and the comparative analysis of their features in IoT.

Subhamoy Chakraborti, D. P. Acharjya, Sugata Sanyal

Enterprise Mobility has been increasing the reach over the years. Initially Mobile devices were adopted as consumer devices. However, the enterprises world over have rightly taken the leap and started using the ubiquitous technology for managing its employees as well as to reach out to the customers. While the Mobile ecosystem has been evolving over the years, the increased exposure of mobility in Enterprise framework have caused major focus on the security aspects of it. While a significant focus have been put on network security, this paper discusses on the approach that can be taken at Mobile application layer, which would reduce the risk to the enterprises.

Tuhin Borgohain, Amardeep Borgohain, Uday Kumar et al.

This paper analyses the various authentication systems implemented for enhanced security and private re-position of an individual's log-in credentials. The first part of the paper describes the multi-factor authentication (MFA) systems, which, though not applicable to the field of Internet of Things, provides great security to a user's credentials. MFA is followed by a brief description of the working mechanism of interaction of third party clients with private resources over the OAuth protocol framework and a study of the delegation based authentication system in IP-based IoT.

Amal Saha, Sugata Sanyal

The information technology and security stakeholders like CIOs, CISOs and CTOs in financial services organization are often asked to identify the risks with mobile computing channel for financial services that they support. They are also asked to come up with approaches for handling risks, define risk acceptance level and mitigate them. This requires them to articulate strategy for supporting a huge variety of mobile devices from various vendors with different operating systems and hardware platforms and at the same time stay within the accepted risk level. These articulations should be captured in information security policy document or other suitable document of financial services organization like banks, payment service provider, etc. While risks and mitigation approaches are available from multiple sources, the senior stakeholders may find it challenging to articulate the issues in a comprehensive manner for sharing with business owners and other technology stakeholders. This paper reviews the current research that addresses the issues mentioned above and articulates a strategy that the senior stakeholders may use in their organization. It is assumed that this type of comprehensive strategy guide for senior stakeholders is not readily available and CIOs, CISOs and CTOs would find this paper to be very useful.

Tuhin Borgohain, Uday Kumar, Sugata Sanyal

This paper is a general survey of all the security issues existing in the Internet of Things (IoT) along with an analysis of the privacy issues that an end-user may face as a consequence of the spread of IoT. The majority of the survey is focused on the security loopholes arising out of the information exchange technologies used in Internet of Things. No countermeasure to the security drawbacks has been analyzed in the paper.

Tuhin Borgohain, Amardeep Borgohain, Rajdeep Borgohain et al.

The purpose of this paper is to do a general survey on the existing communication modes inside a smart grid, the existing security loopholes and their countermeasures. Then we suggest a detailed countermeasure, building upon the Jigsaw based secure data transfer [8] for enhanced security of the data flow inside the communication system of a smart grid. The paper has been written without the consideration of any factor of inoperability between the various security techniques inside a smart grid

Amal Saha, Sugata Sanyal

Wallet may be described as container application used for configuring, accessing and analysing data from underlying payment application(s). There are two dominant types of digital wallet applications, proximity wallet and remote wallet. In the payment industry, one often hears about authentication approach for proximity or remote wallets or the underlying payment applications separately, but there is no such approach, as per our knowledge, for combined wallet, the holder application. While Secure Element (SE) controlled by the mobile network operator (i.e., SIM card) may ensure strong authentication, it introduces strong dependencies among business partners in payments and hence is not getting fraction. Embedded SE in the form of trusted execution environment [3, 4, 5] or trusted computing [24] may address this issue in future. But such devices tend to be a bit expensive and are not abundant in the market. Meanwhile, for many years, context based authentication involving device fingerprinting and other contextual information for conditional multi-factor authentication, would prevail and would remain as the most dominant and strong authentication mechanism for mobile devices from various vendors in different capability and price ranges. EMVCo payment token standard published in 2014 tries to address security of wallet based payment in a general way. The authors believe that it is quite likely that EMVCo payment token implementations would evolve in course of time in such a way that token service providers would start insisting on device fingerprinting as strong means of authentication before issuing one-time-use payment token. This paper talks about challenges of existing authentication mechanisms used in payment and wallet applications, and their evolution.

Amal Saha, Sugata Sanyal

After discussing the concept of DUKPT based symmetric encryption key management (e.g., for 3DES) and definition of cloud or remote wallet, the paper analyses applicability of DUKPT to different use cases like mobile banking, NFC payment using EMV contactless card and mobile based EMV card emulation, web browser based transaction and cloud or remote wallet. Cloud wallet is an emerging payment method and is gaining momentum very fast. Anticipating that the wallet product managers and security specialists may face these questions from different stakeholders, the authors have addressed applicability of DUKPT to cloud wallet use case quite elaborately. As per knowledge of the authors, this topic has been analysed and discussed for the first time.

Amal Saha, Sugata Sanyal

Payment transactions initiated through a mobile device are growing and security concerns must be ad-dressed. People coming from payment card industry often talk passionately about porting ISO 9564 PIN standard based authentication in open-loop card payment to closed-loop mobile financial transactions and certification of closed-loop payment product or solution against this standard. In reality, so far this standard has not been adopted in closed-loop mobile payment authentication and applicability of this ISO standard must be studied carefully before adoption. The authors do a critical analysis of the applicability of this ISO specification and makes categorical statement about relevance of compliance to closed-loop mobile payment. Security requirements for authentication in closed-loop mobile payment systems are not standardized through ISO 9564 standard, Common Criteria, etc. Since closed-loop mobile payment is a relatively new field, the authors make a case for Common Criteria Recognition Agreement (CCRA) or other standards organization to push for publication of a mobile device-agnostic Protection Profile or standard for it, incorporating the suggested authentication approaches.

Tanmoy Sarkar, Sugata Sanyal

Digital watermarking is the act of hiding information in multimedia data, for the purposes of content protection or authentication. In ordinary digital watermarking, the secret information is embedded into the multimedia data (cover data) with minimum distortion of the cover data. Due to these watermarking techniques the watermark image is almost negligible visible. In this paper we will discuss about various techniques of Digital Watermarking techniques in spatial and frequency domains

Tanmoy Sarkar, Sugata Sanyal

Steganalysis means analysis of stego images. Like cryptanalysis, steganalysis is used to detect messages often encrypted using secret key from stego images produced by steganography techniques. Recently lots of new and improved steganography techniques are developed and proposed by researchers which require robust steganalysis techniques to detect the stego images having minimum false alarm rate. This paper discusses about the different Steganalysis techniques and help to understand how, where and when this techniques can be used based on different situations.

Tanmoy Sarkar, Sugata Sanyal

Steganography (literally meaning covered writing) is the art and science of embedding secret message into seemingly harmless message. Stenography is practice from olden days where in ancient Greece people used wooden blocks to inscribe secret data and cover the date with wax and write normal message on it. Today stenography is used in various field like multimedia, networks, medical, military etc. With increasing technology trends steganography is becoming more and more advanced where people not only interested on hiding messages in multimedia data (cover data) but also at the receiving end they are willing to obtain original cover data without any distortion after extracting secret message. This paper will discuss few irreversible data hiding techniques and also, some recently proposed reversible data hiding approach using images.

Manoj Rameshchandra Thakur, Divye Raj Khilnani, Kushagra Gupta et al.

One of the most significant threats faced by enterprise networks today is from Bots. A Bot is a program that operates as an agent for a user and runs automated tasks over the internet, at a much higher rate than would be possible for a human alone. A collection of Bots in a network, used for malicious purposes is referred to as a Botnet. Bot attacks can range from localized attacks like key-logging to network intensive attacks like Distributed Denial of Service (DDoS). In this paper, we suggest a novel approach that can detect and combat Bots. The proposed solution adopts a two pronged strategy which we have classified into the standalone algorithm and the network algorithm. The standalone algorithm runs independently on each node of the network. It monitors the active processes on the node and tries to identify Bot processes using parameters such as response time and output to input traffic ratio. If a suspicious process has been identified the network algorithm is triggered. The network algorithm will then analyze conversations to and from the hosts of the network using the transport layer flow records. It then tries to deduce the Bot pattern as well as Bot signatures which can subsequently be used by the standalone algorithm to thwart Bot processes at their very onset.

Rohit Bhadauria, Rajdeep Borgohain, Abirlal Biswas et al.

Cloud computing is a revolutionary concept that has brought a paradigm shift in the IT world. This has made it possible to manage and run businesses without even setting up an IT infrastructure. It offers multi-fold benefits to the users moving to a cloud, while posing unknown security and privacy issues. User authentication is one such growing concern and is greatly needed in order to ensure privacy and security in a cloud computing environment. This paper discusses the security at different levels viz. network, application and virtualization, in a cloud computing environment. A security framework based on one-time pass key mechanism has been proposed. The uniqueness of the proposed security protocol lies in the fact, that it provides security to both the service providers as well the users in a highly conflicting cloud environment.

Animesh Kr Trivedi, Rishi Kapoor, Rajan Arora et al.

This paper proposes a combination of an Intrusion Detection System with a routing protocol to strengthen the defense of a Mobile Ad hoc Network. Our system is Socially Inspired, since we use the new paradigm of Reputation inherited from human behavior. The proposed IDS also has a unique characteristic of being Semi-distributed, since it neither distributes its Observation results globally nor keeps them entirely locally; however, managing to communicate this vital information without accretion of the network traffic. This innovative approach also avoids void assumptions and complex calculations for calculating and maintaining trust values used to estimate the reliability of other nodes observations. A robust Path Manager and Monitor system and Redemption and Fading concepts are other salient features of this design. The design has shown to outperform normal DSR in terms of Packet Delivery Ratio and Routing Overhead even when up to half of nodes in the network behave as malicious.

Siby Abraham, Sugata Sanyal, Mukund Sanglikar

The paper attempts to find numerical solutions of Diophantine equations, a challenging problem as there are no general methods to find solutions of such equations. It uses the metaphor of foraging habits of real ants. The ant colony optimization based procedure starts with randomly assigned locations to a fixed number of artificial ants. Depending upon the quality of these positions, ants deposit pheromone at the nodes. A successor node is selected from the topological neighborhood of each of the nodes based on this stochastic pheromone deposit. If an ant bumps into an already encountered node, the pheromone is updated correspondingly. A suitably defined pheromone evaporation strategy guarantees that premature convergence does not take place. The experimental results, which compares with those of other machine intelligence techniques, validate the effectiveness of the proposed method.

Sugata Sanyal, Rajdeep Borgohain

Machine Translation is the translation of one natural language into another using automated and computerized means. For a multilingual country like India, with the huge amount of information exchanged between various regions and in different languages in digitized format, it has become necessary to find an automated process from one language to another. In this paper, we take a look at the various Machine Translation System in India which is specifically built for the purpose of translation between the Indian languages. We discuss the various approaches taken for building the machine translation system and then discuss some of the Machine Translation Systems in India along with their features.

Sugata Sanyal, Parthasarathy P. Iyer

Cloud computing is a complex infrastructure of software, hardware, processing, and storage that is available as a service. Cloud computing offers immediate access to large numbers of the world's most sophisticated supercomputers and their corresponding processing power, interconnected at various locations around the world, proffering speed in the tens of trillions of computations per second. Information in databases and software scattered around the Internet. There are many service providers in the internet, we can call each service as a cloud, each cloud service will exchange data with other cloud, so when the data is exchanged between the clouds, there exist the problem of security. Security is an important issue for cloud computing, both in terms of legal compliance and user trust, and needs to be considered at every phase of design. In contrast to traditional solutions, where the IT services are under proper physical, logical and personnel controls, Cloud Computing moves the application software and databases to the large data centers, where the management of the data and services may not be trustworthy. This unique attribute, however, poses many new security challenges. Cloud computing seems to offer some incredible benefits for communicators.

Sugata Sanyal, Parthasarathy P. Iyer

In this paper we are proposing an algorithm which uses AES technique of 128/192/256 bit cipher key in encryption and decryption of data. AES provides high security as compared to other encryption techniques along with RSA. Cloud computing provides the customer with the requested services. It refers to applications and services that run on distributed network using virtualized resources and accessed by common IP and network standard. While providing data services it is becoming important to provide security for data. In cloud computing keeping data secure is an important issue to be focused. Even though AES was designed for military purposes, now a days it is been commercially adopted worldwide as it can encrypt most confidential document, as well as it can work in most restricted areas, and offers good defense against various attack techniques, and security level to protect data for next 2-3 decades.

Priyanka Naik, Sugata Sanyal

The concept of cloud computing was introduced to meet the increase in demand for new application for a project, and to provide a large storage facility whenever or wherever a user needs it. The cloud system facility helped many industries as well as individual users to get authentic software at a very low cost. But with this new system comes the major concern of security, as the connection to the cloud is through the web and the data and application availability need to be handled for each client. The paper describes the various security measures that can be added in isolation or in combination for securing data transmission, server and client.

Nitish Balachandran, Sugata Sanyal

Any decentralised distributed network is particularly vulnerable to the Sybil attack wherein a malicious node masquerades as several different nodes, called Sybil nodes, simultaneously in an attempt to disrupt the proper functioning of the network. Such attacks may cause damage on a fairly large scale especially since they are difficult to detect and there has been no universally accepted scheme to counter them as yet. In this paper, we discuss the different kinds of Sybil attacks including those occurring in peer-to-peer reputation systems, self-organising networks and even social network systems. In addition, various methods that have been suggested over time to decrease or eliminate their risk completely are also analysed along with their modus operandi.

Rajdeep Borgohain, Sugata Sanyal

In this paper, we discuss the implementation of a rule based expert system for diagnosing neuromuscular diseases. The proposed system is implemented as a rule based expert system in JESS for the diagnosis of Cerebral Palsy, Multiple Sclerosis, Muscular Dystrophy and Parkinson's disease. In the system, the user is presented with a list of questionnaires about the symptoms of the patients based on which the disease of the patient is diagnosed and possible treatment is suggested. The system can aid and support the patients suffering from neuromuscular diseases to get an idea of their disease and possible treatment for the disease.

Preetida Vinayakray-Jani, Sugata Sanyal

Mobile Ad hoc Networks (MANETs) are subject to various kinds of attacks. Deploying security mechanisms is difficult due to inherent properties of ad hoc networks, such as the high dynamics of their topology, restricted bandwidth, and limited resources in end device. With such dynamicity in connectivity and limited resources it is not possible to deploy centralized security solution but distribution solution. The paper proposes architectural security concept in distributed manner where network is divided into clusters with one cluster head node each. This cluster head node also act as a router providing proactive hidden routing by using Steganographic methods for inter-cluster security. Besides cipher method is used to provide intra-cluster security. The proposed secure architecture specifies operational view of cluster head as a router that provides trust, anonymity and confidentiality through Steganography and Cryptography respectively.

Rajdeep Borgohain, Sugata Sanyal

The use of Artificial Intelligence is finding prominence not only in core computer areas, but also in cross disciplinary areas including medical diagnosis. In this paper, we present a rule based Expert System used in diagnosis of Cerebral Palsy. The expert system takes user input and depending on the symptoms of the patient, diagnoses if the patient is suffering from Cerebral Palsy. The Expert System also classifies the Cerebral Palsy as mild, moderate or severe based on the presented symptoms.

Manoj Rameshchandra Thakur, Sugata Sanyal

A number of systems in recent times suffer from attacks like DDoS and Ping of Death. Such attacks result in loss of critical system resources and CPU cycles, as these compromised systems behave in an abnormal manner. The effect of such abnormalities is worse in case of compromised systems handling financial transaction, since it leads to severe monetary losses. In this paper we propose a system that uses the Replicated State Machine approach to detect abnormality in system usage. The suggested system is based on PAXOS algorithm, an algorithm for solving the consensus problem in a network of unreliable processors.

Siby Abraham, Sugata Sanyal, Mukund Sanglikar

The paper introduces a connectionist network approach to find numerical solutions of Diophantine equations as an attempt to address the famous Hilbert's tenth problem. The proposed methodology uses a three layer feed forward neural network with back propagation as sequential learning procedure to find numerical solutions of a class of Diophantine equations. It uses a dynamically constructed network architecture where number of nodes in the input layer is chosen based on the number of variables in the equation. The powers of the given Diophantine equation are taken as input to the input layer. The training of the network starts with initial random integral weights. The weights are updated based on the back propagation of the error values at the output layer. The optimization of weights is augmented by adding a momentum factor into the network. The optimized weights of the connection between the input layer and the hidden layer are taken as numerical solution of the given Diophantine equation. The procedure is validated using different Diophantine Equations of different number of variables and different powers.

Harshavardhan Kayarkar, Sugata Sanyal

With the explosive growth of internet and the fast communication techniques in recent years the security and the confidentiality of the sensitive data has become of prime and supreme importance and concern. To protect this data from unauthorized access and tampering various methods for data hiding like cryptography, hashing, authentication have been developed and are in practice today. In this paper we will be discussing one such data hiding technique called Steganography. Steganography is the process of concealing sensitive information in any media to transfer it securely over the underlying unreliable and unsecured communication network. Our paper presents a survey on various data hiding techniques in Steganography that are in practice today along with the comparative analysis of these techniques.

Sugata Sanyal, Manoj Rameshchandra Thakur

A number of works in the field of intrusion detection have been based on Artificial Immune System and Soft Computing. Artificial Immune System based approaches attempt to leverage the adaptability, error tolerance, self- monitoring and distributed nature of Human Immune Systems. Whereas Soft Computing based approaches are instrumental in developing fuzzy rule based systems for detecting intrusions. They are computationally intensive and apply machine learning (both supervised and unsupervised) techniques to detect intrusions in a given system. A combination of these two approaches could provide significant advantages for intrusion detection. In this paper we attempt to leverage the adaptability of Artificial Immune System and the computation intensive nature of Soft Computing to develop a system that can effectively detect intrusions in a given network.

Manoj Rameshchandra Thakur, Sugata Sanyal

In this paper, we suggest a multi-dimensional approach towards intrusion detection. Network and system usage parameters like source and destination IP addresses; source and destination ports; incoming and outgoing network traffic data rate and number of CPU cycles per request are divided into multiple dimensions. Rather than analyzing raw bytes of data corresponding to the values of the network parameters, a mature function is inferred during the training phase for each dimension. This mature function takes a dimension value as an input and returns a value that represents the level of abnormality in the system usage with respect to that dimension. This mature function is referred to as Individual Anomaly Indicator. Individual Anomaly Indicators recorded for each of the dimensions are then used to generate a Global Anomaly Indicator, a function with n variables (n is the number of dimensions) that provides the Global Anomaly Factor, an indicator of anomaly in the system usage based on all the dimensions considered together. The Global Anomaly Indicator inferred during the training phase is then used to detect anomaly in the network traffic during the detection phase. Network traffic data encountered during the detection phase is fed back to the system to improve the maturity of the Individual Anomaly Indicators and hence the Global Anomaly Indicator.

Rohit Bhadauria, Sugata Sanyal

Cloud Computing holds the potential to eliminate the requirements for setting up of high-cost computing infrastructure for IT-based solutions and services that the industry uses. It promises to provide a flexible IT architecture, accessible through internet for lightweight portable devices. This would allow multi-fold increase in the capacity or capabilities of the existing and new software. In a cloud computing environment, the entire data reside over a set of networked resources, enabling the data to be accessed through virtual machines. Since these data-centers may lie in any corner of the world beyond the reach and control of users, there are multifarious security and privacy challenges that need to be understood and taken care of. Also, one can never deny the possibility of a server breakdown that has been witnessed, rather quite often in the recent times. There are various issues that need to be dealt with respect to security and privacy in a cloud computing scenario. This extensive survey paper aims to elaborate and analyze the numerous unresolved issues threatening the cloud computing adoption and diffusion affecting the various stake-holders linked to it.

Rajdeep Borgohain, Moirangthem Tiken Singh, Chandrakant Sakharwade et al.

Security and trust are the most important factors in online transaction, this paper introduces TSET a Token based Secure Electronic Transaction which is an improvement over the existing SET, Secure Electronic Transaction protocol. We take the concept of tokens in the TSET protocol to provide end to end security. It also provides trust evaluation mechanism so that trustworthiness of the merchants can be known by customers before being involved in the transaction. Moreover, we also propose a grading mechanism so that quality of service in the transactions improves.